versão impressa ISSN 0123-5923
GUERRERO JULIO, MARLENE LUCILA e GOMEZ FLOREZ, LUIS CARLOS. Review of relevant standards and literature regarding information systems risk management and controls. estud.gerenc. [online]. 2011, vol.27, n.121, pp. 195-216. ISSN 0123-5923.
Risk management and controls in information systems (RMCIS) are important activities involved with management systems. Nevertheless, although organizations seem to have an interest in its application, RMCIS has not yet achieved its real impact because there is an inadequate understanding of its meaning or purpose and there is also a lack of organizational change processes needed for its implementation. This article presents a review of the current most relevant RMCIS standards for the purpose of proposing an integration of the roles and activities that organizations should carry out, together with an analysis of the risk levels and their implications for information systems.
Palavras-chave : Information systems; risk level; risk management and controls; standard.